[stdlib-sig] Backwards compat (was: Evolving the Standard Library)

C. Titus Brown ctb at msu.edu
Wed Sep 16 17:54:14 CEST 2009


On Wed, Sep 16, 2009 at 05:43:18PM +0200, Tarek Ziad? wrote:
> On Wed, Sep 16, 2009 at 4:43 PM, C. Titus Brown <ctb at msu.edu> wrote:
> > On Wed, Sep 16, 2009 at 09:28:35AM -0400, Jesse Noller wrote:
> >> On Wed, Sep 16, 2009 at 9:18 AM, Michael Foord <michael at voidspace.org.uk> wrote:
> >> >
> >> > It looks like it will be something covered at the language summit, but an
> >> > open space is a good idea. Backwards compatibility is a *big* problem for
> >> > any major refactoring though.
> >> >
> >> > Michael
> >> >
> >>
> >> Yup, language summit. I'm hoping to cover some amount of this in a
> >> pending talk proposal I have in the pycon system too.
> >
> > One interesting thought for backwards compatibility -- why not take all
> > of the PyPI packages and try importing and/or testing them across
> > versions, and then trying to build automatic classifiers to highlight
> > the "interesting" breakages? ?A first pass filter would be "breakages we
> > know about" vs "breakages we don't."
> >
> > Then you could build these breakages into a compatibility diagnostics
> > package.
> >
> > Sounds like a fun PyCon sprint to me...
> 
> I don't know if you remember my message on the snakebite mailing list
> some times ago on a related topic.
> 
> That's the same process I would like to do to test distutils over
> PyPI, by grabbing
> packages there and running some commands using their setup.py.
> and say "this package is Distutils certified !"
> 
> But this requires some work to make sure there are no security
> problems I/O-wise, unless you work with a list of trusted packages (which is
> not what we would want if we want to do QA tests)
> 
> And the environment has to be reseted after each run to make sure
> there are no problems created by the package.
> 
> Quite a work, but I am in for some brainstroming at Pycon on this topic
> if you are interested :)

yep, absolutely!  I think I've got the execution and reporting end
handled; now we just need to get some virtual environments running so we
can do untrusted packages.

Hmm, might be worth an AWS account just to do the basic stuff.

--titus
-- 
C. Titus Brown, ctb at msu.edu


More information about the stdlib-sig mailing list